Files
poky/meta/recipes-devtools/ruby/ruby/CVE-2024-27282.patch
Ashish Sharma 6d58d0c4a2 ruby: backport fix for CVE-2024-27282
Upstream-Status: Backport [989a235580]
(From OE-Core rev: 94a0350058e51c4b05bf5d4e02d048c2e6256725)

Signed-off-by: Ashish Sharma <asharma@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-07-24 07:51:58 -07:00

30 lines
1.0 KiB
Diff

From 989a2355808a63fc45367785c82ffd46d18c900a Mon Sep 17 00:00:00 2001
From: Hiroshi SHIBATA <hsbt@ruby-lang.org>
Date: Fri, 12 Apr 2024 15:01:47 +1000
Subject: [PATCH] Fix Use-After-Free issue for Regexp
Co-authored-by: Isaac Peka <7493006+isaac-peka@users.noreply.github.com>
Upstream-Status: Backport [https://github.com/ruby/ruby/commit/989a2355808a63fc45367785c82ffd46d18c900a]
CVE: CVE-2024-27282
Signed-off-by: Ashish Sharma <asharma@mvista.com>
regexec.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/regexec.c b/regexec.c
index 73694ab14a0b0a..140691ad42489f 100644
--- a/regexec.c
+++ b/regexec.c
@@ -3449,8 +3449,8 @@ match_at(regex_t* reg, const UChar* str, const UChar* end,
CASE(OP_MEMORY_END_PUSH_REC) MOP_IN(OP_MEMORY_END_PUSH_REC);
GET_MEMNUM_INC(mem, p);
STACK_GET_MEM_START(mem, stkp); /* should be before push mem-end. */
- STACK_PUSH_MEM_END(mem, s);
mem_start_stk[mem] = GET_STACK_INDEX(stkp);
+ STACK_PUSH_MEM_END(mem, s);
MOP_OUT;
JUMP;